Last week, the Vice President introduced his proposal to protectSocial Security numbers (SSNs), the Social Security Protection Act
of2000. Gore's proposal is sponsored by Sen. Dianne Feinstein (D-CA)and Rep. Ed Markey (D-MA). The proposal would limit the sale orpurchase of SSNs to instances in which an individual has voluntarilyand
affirmatively given his or her consent to that disclosure. Currently, SSNs -- often an important identifier for financial, creditand health records -- can simply be bought from "lookup services"without an individual's permission. The proposal would require theFederal Trade Commission and state attorneys general to jointlyenforce
the protections.

The proposal is an important first step in responding to the growingproblems with the misuse of the Social Security number. However,other issues could be addressed as the proposal goes forward. Forexample, outlawing the sale and purchase of the Social Security
numberhas been previously proposed in studies of SSNs. In addition,consumers should be assured that they would not lose the opportunityto receive a benefit or conduct business if a private company
unjustlyrequires a SSN. Many individuals can be compelled to provide a SSNthat they might otherwise not want to disclose. Also,
while consentis a key step before dislosing a SSN, it is preferable that the datacollector specify and limit future uses of that
data. Lastly, theproposal could include provisions so that the individual would have anindependent ability to pursue what he or
she thinks are infractions ofthe law and seek the appropriate remedies.

As reported in the press, the Vice President is also formulatingrestrictions on the use of genetic data. Following up on PresidentClinton's
executive order barring government agencies from usinggenetic data in hiring and promotion decisions (see EPIC Alert 7.03),Vice President Gore would seek to extend such protections to workersin the private sector. The issue at hand in both proposals is
thepossibility of discrimination against employees who may have geneticpredispositions for cancer or other diseases.

For more information about Social Security numbers is available at:

http://www.epic.org/privacy/ssn/

EPIC's recent testimony on the "Use and Misuse of the Social SecurityNumber" before the House Committee on Ways and Means:

http://www.epic.org/privacy/ssn/testimony_0500.html [2] EPIC Renews Call for Baseline Privacy Standards LegislationEPIC director Marc Rotenberg testified before the Senate CommerceCommittee on June 13, arguing that there is a current need forlegislation
to establish baseline privacy standards for electroniccommerce. The committee hearing focused on online data collectionpractices
and profiling by third party advertising companies such asDoubleClick. EPIC renewed the warning that self-regulation would failto
protect privacy, citing pending litigation and a Federal TradeCommission (FTC) inquiry growing out of DoubleClick's practices. Rotenberg told the committee, "We think the lesson is clear thatlegislation is necessary. Even good models for online advertising
canquickly change without baseline privacy rules."

Richard Smith, an Internet consultant who examines privacy issues,told the committee that "The data collection systems that the Internetad companies are currently running are getting personal and
sensitiveinformation that almost everyone will agree is none of the business ofthese companies." He said that, "It's almost like
they have puthidden microphones in our homes and our offices and they are listeningto what we do all day long."

The New York Times reported that all six senators who participated inthe hearing hearing said legislation is needed to ensure thatAmericans
are protected from unwittingly disclosing privateinformation. "Absent legislation, meaningful enforcement and airtightcoverage, online
profiling will eviscerate personal privacy," saidCommerce Committee Chairman John McCain (R-AZ). Privacy advocateshave long maintained
that industry "self-regulation" is inadequate toprevent invasions of privacy, especially in the online advertisingbusiness.

The FTC recently released a report on the results of its latest surveyof website privacy policies. The survey documented that only
20percent of a random sample of websites addressed basic elements ofFair Information Practices. Based on the findings of the survey,
amajority of the FTC Commissioners have recommended that legislation isneeded to protect privacy on the Internet (see item 5 below).

http://www.ftc.gov/reports/privacy2000/privacy2000text.pdf [3] EPIC Urges Rejection of Online Age Verification SystemsIn testimony before the Commission on Child Online Protection on June9, EPIC General Counsel David Sobel urged the rejection of ageverification
requirements as a condition of access to Internetcontent, noting that the privacy implications of such requirements areinseparable
from the free speech implications. He told the Commissionthat rather than focusing on approaches that seek to block access toinformation
and compromise privacy, it should emphasis and supporteducational initiatives that will help young people learn toresponsibly and
safely navigate the Internet.

The Commission is seeking to "identify technological or other methodsthat . . . will help reduce access by minors to material that
isharmful to minors on the Internet," including the deployment of "ageverification" systems. Given the inherent subjectivity of
terms suchas "harmful to minors" or "indecent," Sobel first told the Commissionthat EPIC believes efforts to mandate restrictions
on access to suchmaterial are prohibited by the First Amendment, particularly in amedium like the Internet, which makes content available
in everycommunity in the nation. He noted that First Amendmentconsiderations, as well as privacy issues, are an important aspect
ofthe Commission's inquiry, because "any requirement that Internet usersidentify themselves in some way as a condition of access
to onlinecontent necessarily chills free speech."

Sobel said that a new regime for the collection of personal data inthe name of "child online protection" would impose yet another
burdenon the privacy of Internet users. The American people, when they goonline, are already acutely aware of the fact that they
are beingover-monitored and over-profiled. For that reason, he said, suchrequirements would introduce a troubling new component
into theInternets architecture, one that would hasten the demise of bothpersonal privacy and freedom of expression.

The Commission on Child Online Protection was established by Congressin the Child Online Protection Act (COPA). The criminal provisions
ofCOPA have been enjoined by a federal judge in a constitutionalchallenge brought by EPIC and the ACLU. A decision on thegovernment's
appeal of that ruling is pending from the U.S. Court ofAppeals for the Third Circuit.

EPIC's testimony on Internet age verification is available at:

http://www.epic.org/free_speech/copa/statement_6_00.html Information on Internet content controls is available at the InternetFree Expression Alliance website:

http://www.ifea.net [4] Terrorism Commission Recommendations Could Threaten PrivacyThe National Commission on Terrorism recently released its report,"Countering the Changing Threat of International Terrorism." TheCommission was established shortly after U.S. embassies were attackedin
1998. The report puts forth several proposals that could threatenthe legal rights and privacy of Americans.

One of the more troubling proposals would be the streamlining ofprocedures required before law enforcement agencies can beginsurveillance
as set by the Foreign Intelligence Surveillance Act(FISA). Despite claims that "under ordinary circumstances, the FISAprocess can
be slow and burdensome," USA Today recently reported thatthe number of wiretaps used in spying and terrorism investigationslast year
hit an all-time of 880. The process for authorizing thiscategory of wiretap requests proceeds through a secret court withlittle
public accountability.

Many of the other proposals in the report may also impact personalprivacy. The Commission recommended the formation of a joint taskforce
composed of representatives from all government agenciespossessing information or authority relevant to possible fundraisingfor terrorist
groups. The list of agencies that would fall under thisbroad recommendation include the National Security Agency, CentralIntelligence
Agency, Federal Bureau of Investigation, Financial CrimesEnforcement Network, Department of State, U.S. Customs Service, Officeof
Foreign Assets Control and Internal Revenue Service. Otherrecommendations include closer monitoring of foreign students studyingin
the United States, new laws and international agreements to prevent"cyber crime" and the development of new sensors and detection
devicesto be used at entry points into the country.

The National Commission on Terrorism's report is available online at:

http://www.fas.org/irp/threat/commission.html More information on FISA and wiretaps is available at:

http://www.epic.org/wiretap/

[5] Commerce Committee Hears from FTC on Internet PrivacyThe Senate Commerce Committee convened on May 25 to hear testimonyregarding the Federal Trade Commission's report on Internet privacy(see
EPIC Alert 7.10). According to the Commission's surveys,approximately 42 percent of the busiest Web sites and only 20 percentof the random sample have privacy policies which address FairInformation
Practices. The report, approved by a 3-2 vote from theCommissioners, also recommended legislation in order to protectconsumer privacy
on the Internet.

At the Commerce Committee hearing, all five FTC Commissionerspresented testimony and spoke about the recent report. Also speakingwere
Jason Catlett, President of Junkbusters; Christine Varney, SeniorPartner at Hogan and Hartson; Jerry Berman, Executive Director of
theCenter for Democracy and Technology; Jill Lesser, Vice-President ofDomestic Public Policy at America Online; Daniel Weitzner,
Technologyand Society Domain Leader of the World Wide Web Consortium.

The full hearing is available over the web for the next few weeks at:

http://www.cspan.org/

The testimony of the FTC Commissioners is available at:

http://www.ftc.gov/opa/2000/05/privacytestimony.htm The testimony of Jason Catlett, President of Junkbusters is availableat:

http://www.junkbusters.com/ht/en/testimony.html [6] EPIC Event Addresses Privacy and the Free Software MovementOn June 5, EPIC held a symposium at the National Press Club on thefuture of the Internet, and in particular the state of privacyprotection
and the rise of the free software movement.

http://www.exbtv.com/index7.jhtml?subsectionId=6451 More information about the three new books highlighted at the eventand EPIC publications is available at:

http://www.epic.org/bookstore/

[7] EPIC Bookstore - New Publications on PrivacyThe Unwanted Gaze : The Destruction of Privacy in America by JeffreyRosen http://www.amazon.com/exec/obidos/ISBN=0679445463/electronicprivacA As thinking, writing, and gossip increasingly take place incyberspace, the part of our life that can be monitored and searchedhas
vastly expanded. E-mail, even after it is deleted, becomes apermanent record that can be resurrected by employers or prosecutorsat
any point in the future. On the Internet, every website we visit,every store we browse in, every magazine we skim--and the amount oftime we skim it--create electronic footprints that can be traced backto us, revealing detailed patterns about our tastes, preferences, andintimate
thoughts. In this pathbreaking book, Jeffrey Rosen exploresthe legal, technological, and cultural changes that have underminedour
ability to control how much personal information about ourselvesis communicated to others, and he proposes ways of reconstructing
someof the zones of privacy that law and technology have been allowed toinvade.

Ben Franklin's Web Site: Privacy and Curiosity from Plymouth Rock tothe Internet by Robert Ellis Smith http://www.amazon.com/exec/obidos/ISBN=0930072146/electronicprivacA This new book explores the hidden niches of American history todiscover the tug between Americans' yearning for privacy and theirinsatiable
curiosity. The book describes Puritan monitoring inColonial New England, then shows how the attitudes of the foundersplaced the
concept of privacy in the Constitution. This panoramicview continues with the coming of tabloid journalism in the NineteenthCentury, and the reaction to it in the form
of a new right - the rightto privacy. The book includes histories of wiretapping, of creditreporting, of sexual practices, of Social
Security numbers and IDcards, of modern principles of privacy protection, and of the comingof the Internet and the new challenges
to personal privacy it brings.

"Robert Ellis Smith's expose of privacy invasion will be one of thesleeper best-selling books in the year 2000," wrote columnist WilliamSafire
in The New York Times, December 1999. "His numerous books arerequired reading for anyone concerned about the ongoing threats," saidSimson
Garfinkel in Database Nation.

EPIC Publications:

"Cryptography and Liberty 2000: An International Survey of EncryptionPolicy," Wayne Madsen and David Banisar, editors, (EPIC 2000).Price: $20. http://www.epic.org/crypto&/

EPIC's third survey of encryption policies around the world. Theresults indicate that the efforts to reduce export controls on strongencryption
products have largely succeeded, although severalgovernments are gaining new powers to combat the perceived threats ofencryption
to law enforcement.

The "Physicians Desk Reference of the privacy world." An invaluableresource for students, attorneys, researchers and journalists who
needan up-to-date collection of U.S. and International privacy law, as wellas a comprehensive listing of privacy resources.

An international survey of the privacy and data protection laws foundin 50 countries around the globe. This report outlines theconstitutional
and legal conditions of privacy protection, andsummarizes important issues and events relating to privacy andsurveillance.

Additional titles on privacy, open government, free expression,computer security, and crypto, as well as films and DVDs can beordered through the EPIC Bookstore: http://www.epic.org/bookstore/

[8] Upcoming Conferences and EventsFirst Annual Institute on Privacy Law: Strategies for Legal Compliancein a High Tech and Changing Regulatory Environment. Practicing
LawInstitute. June 22-23, 2000. New York, NY. PLI Conference Center.For more information: http://www.pli.edu Telecommunications: The Bridge to Globalization in the InformationSociety. Biennial Conference of the International TelecommunicationsSociety.
July 2-5, 2000. For more information:http://www.its2000.org.ar Successfully Managing the New Data Protection Laws. Privacy Laws &Business. July 3-5, 2000. Cambridge, England. For more information:http://www.privacylaws.com/

Privacy: A Social Research Conference. New School University. October5-7, 2000. New York, NY. For more information:http://www.newschool.edu/centers/socres/privacy/

Privacy2000: Information and Security in the Digital Age. October 31-November 1, 2000. Columbus, Ohio. Adam's Mark Hotel. For moreinformation: http://www.privacy2000.org Subscription InformationThe EPIC Alert is a free biweekly publication of the ElectronicPrivacy Information Center. A Web-based form is available forsubscribing
or unsubscribing at:

If you'd like to support the work of the Electronic PrivacyInformation Center, contributions are welcome and fullytax-deductible.
Checks should be made out to "The Fund forConstitutional Government" and sent to EPIC, 1718 ConnecticutAve., NW, Suite 200, Washington,
DC 20009.

Your contributions will help support Freedom of Information Act andFirst Amendment litigation, strong and effective advocacy for theright of privacy and efforts to oppose government regulation
ofencryption and expanding wiretapping powers.